Stu Fisher
18-07-2007, 01:43 PM
I thought i'd expand a little on what you have said here. However, my little was too long for the thread, so have started a new thread, containing 2 parts!.
My comments to the originally posted are highlighted in bold (hopefully). I'll apologise in advance if some sound pedantic, but they were thoughts I had when reading.
Also, when I have some more time, I'll start a new thread, explaining why moving cell sites away from areas such as schools and residential areas in to the country side, would infact make the issue that these people are compaining against far worse. Not a forensic issue, but an interesting place to discuss I think. Watch this space.
[QUOTE=Disklabs;44]An introduction into Cell Site Analysis
Mobile phones, (or Cell phones) used today are transceivers which use little power. GSM Phones are rated to a maximum transmit power of 2watts, and the transmitter masts operate around 20watts this may vary depending on cell type and location They combine both a transmitter and a receiver. Although most mobile phones, (or cell phones), are used to provide a telephone service for the public, they are still radio transmitters and receivers. Because of this, mobile phones, (or cell phones), behave in the same way that traditional radio equipment does. I agree with respect to RF propagation however, Mobile Cellular System like GSM interact with a core network, where as traditional radio (which I would refer to as CB radio for example) does not operate around a central core, but allows communication directly from mobile device to mobile device. With mobile phone systems, all connnections are routed through a network, not handset to handset Mobile phones operate through networks, (which in the UK are run by O2, Vodafone, Orange and T-Mobile). These networks are GSM, (Global Systems for Mobile communications), and are built around an array of transmitters, receiving stations which cover nearly all of the United Kingdom. Many other countries follow this similar rule; however, they may have different networks run by different companies, (Verizon, AT&T etc). The latest system for mobile phones is 3G, (third generation). Mobile phone systems are now upto 3.5G or advanced third generation systems, with networks and handsets supporting HSDPA (High Speed Download PacketAccess), a step closer to voip (voice over IP) and true mobile internet access. A recent Vodafone TV advert stating the 'internet is now mobile' is infact advertising HSDPA services, which currently very few available handsets supportThis relies on UMTS, (Universal Mobile Telecommunications System), a faster data transfer system using Duplexing technologies. The main difference between GSM and UMTS is its air interface (how the network communicates with the handset) Its no so much to do with duplexing, but more to do with the way channels are constructed and data passed. GSM uses a mixture of FDMA (Frequency Division Multiple Access) and TDMA (Time Division Multiple Access) which in english means that the frequency spectrum is divided up in to specific bands and then accross that frequency the time period of that wave is then broken down to 8 time slots. With UMTS, this systems uses WCDMA (Wideband Code Division Multiple Access) with this system you essentially have 1 frequency and rather then it being broken down into segments of time, information can be transmitted in 'packets of code' very simular to the way normal computer networks transfers data down a cable.In the UK 5 licenses were won for the ability to provide these services. These 3G Technologies network providers are Hutchinson 3G, Orange, Vodafone, O2 and T-Mobile. Although a different style/type of service, UMTS is recorded in the same way as traditional GSM. Handover occurs in the same way between UMTS and GSM as GSM to GSM. Slightly more involved with UMTS however, as far as the user is aware it is the same
These transmit and receive stations (or beacons), beacons? not used with this type of cellular system, transmitter or relay beacons are common with UHF radio (CB radio)are also known as ?Cell Sites?. Each cell site consists of multiple receivers and transmitters and of course the relevant aerials associated with each one. These sites are often on masts, can be sited above police stations, schools or other tall buildings, (giving clearer transmissions, therefore clearer line of site transmission).
Each cell site has a reference number and name initally these references where unique, however these days, due to the shear quantity of cell sites needed, some networks have had to re-use some cell ID's Using this information, one can state exactly the area of the cell site. From this we can pin point to a very small area if the suspect phone has been used in this area.
Whenever a mobile phone is ?on?, it scans the radio frequencies assigned to it by its designated network provider, and then links up the cell that gives it the best coverage. This process is called registration, and is of course necessary for the networks so that they can direct incoming or outgoing calls to the correct phone. When travelling, (for example), a phone may move from one cell site to another. This is achieved by the phone evaluating the signal at all times, and switching over to the appropriate best one. This is also logged by the networks and is known as a ?handover?This only applies in 'dedicated' mode (when the phone is in a call), in 'idle mode' (normal phone status when it is switched on, but not being used by the user, and importantly the state of which measurements for Cell Site Analysis would be taken), the handset decides which cell site it will 'camp-on'. During idle mode, if the phone was to move, and a neighbouring cells signal strength was to become a better choice for the phone then it will switch and camp-on this site. The network at this stage will not know that the phone had moved. If this is the case, how does the network connect an incoming call i hear you say. Well, a cluster of neighbouring cells will be grouped and assigned the same 'location area', the phone is then free to roam around this location area. If an incoming call needs to be connected, the network will initally send a 'paging request' to the entire location area. If say for example a location area consisted of cells A, B, C, D, E and F and the phone initially was camped on cell A, but later moved around and was currently camped on cell E, the network would send this paging request to all cells, A, B, C, D, E and F. The handset would respond to the paging request and then update the network through cell E as to its whereabouts. The only time the network will know of the phones movements, if it had remained consistantly in idle mode, would be if the phone was to move to a different location area (when the phone would then automatically update the network of its location. Or if it had remained static for a prelonged period, a timer already set by the network and given to the handset during its last location update or registration may 'time out' and initiate a location area update. The handover also ensures a continuation of the call, rather than the requirement to redial every time a new better cell site is found.
See new thread for part deux
My comments to the originally posted are highlighted in bold (hopefully). I'll apologise in advance if some sound pedantic, but they were thoughts I had when reading.
Also, when I have some more time, I'll start a new thread, explaining why moving cell sites away from areas such as schools and residential areas in to the country side, would infact make the issue that these people are compaining against far worse. Not a forensic issue, but an interesting place to discuss I think. Watch this space.
[QUOTE=Disklabs;44]An introduction into Cell Site Analysis
Mobile phones, (or Cell phones) used today are transceivers which use little power. GSM Phones are rated to a maximum transmit power of 2watts, and the transmitter masts operate around 20watts this may vary depending on cell type and location They combine both a transmitter and a receiver. Although most mobile phones, (or cell phones), are used to provide a telephone service for the public, they are still radio transmitters and receivers. Because of this, mobile phones, (or cell phones), behave in the same way that traditional radio equipment does. I agree with respect to RF propagation however, Mobile Cellular System like GSM interact with a core network, where as traditional radio (which I would refer to as CB radio for example) does not operate around a central core, but allows communication directly from mobile device to mobile device. With mobile phone systems, all connnections are routed through a network, not handset to handset Mobile phones operate through networks, (which in the UK are run by O2, Vodafone, Orange and T-Mobile). These networks are GSM, (Global Systems for Mobile communications), and are built around an array of transmitters, receiving stations which cover nearly all of the United Kingdom. Many other countries follow this similar rule; however, they may have different networks run by different companies, (Verizon, AT&T etc). The latest system for mobile phones is 3G, (third generation). Mobile phone systems are now upto 3.5G or advanced third generation systems, with networks and handsets supporting HSDPA (High Speed Download PacketAccess), a step closer to voip (voice over IP) and true mobile internet access. A recent Vodafone TV advert stating the 'internet is now mobile' is infact advertising HSDPA services, which currently very few available handsets supportThis relies on UMTS, (Universal Mobile Telecommunications System), a faster data transfer system using Duplexing technologies. The main difference between GSM and UMTS is its air interface (how the network communicates with the handset) Its no so much to do with duplexing, but more to do with the way channels are constructed and data passed. GSM uses a mixture of FDMA (Frequency Division Multiple Access) and TDMA (Time Division Multiple Access) which in english means that the frequency spectrum is divided up in to specific bands and then accross that frequency the time period of that wave is then broken down to 8 time slots. With UMTS, this systems uses WCDMA (Wideband Code Division Multiple Access) with this system you essentially have 1 frequency and rather then it being broken down into segments of time, information can be transmitted in 'packets of code' very simular to the way normal computer networks transfers data down a cable.In the UK 5 licenses were won for the ability to provide these services. These 3G Technologies network providers are Hutchinson 3G, Orange, Vodafone, O2 and T-Mobile. Although a different style/type of service, UMTS is recorded in the same way as traditional GSM. Handover occurs in the same way between UMTS and GSM as GSM to GSM. Slightly more involved with UMTS however, as far as the user is aware it is the same
These transmit and receive stations (or beacons), beacons? not used with this type of cellular system, transmitter or relay beacons are common with UHF radio (CB radio)are also known as ?Cell Sites?. Each cell site consists of multiple receivers and transmitters and of course the relevant aerials associated with each one. These sites are often on masts, can be sited above police stations, schools or other tall buildings, (giving clearer transmissions, therefore clearer line of site transmission).
Each cell site has a reference number and name initally these references where unique, however these days, due to the shear quantity of cell sites needed, some networks have had to re-use some cell ID's Using this information, one can state exactly the area of the cell site. From this we can pin point to a very small area if the suspect phone has been used in this area.
Whenever a mobile phone is ?on?, it scans the radio frequencies assigned to it by its designated network provider, and then links up the cell that gives it the best coverage. This process is called registration, and is of course necessary for the networks so that they can direct incoming or outgoing calls to the correct phone. When travelling, (for example), a phone may move from one cell site to another. This is achieved by the phone evaluating the signal at all times, and switching over to the appropriate best one. This is also logged by the networks and is known as a ?handover?This only applies in 'dedicated' mode (when the phone is in a call), in 'idle mode' (normal phone status when it is switched on, but not being used by the user, and importantly the state of which measurements for Cell Site Analysis would be taken), the handset decides which cell site it will 'camp-on'. During idle mode, if the phone was to move, and a neighbouring cells signal strength was to become a better choice for the phone then it will switch and camp-on this site. The network at this stage will not know that the phone had moved. If this is the case, how does the network connect an incoming call i hear you say. Well, a cluster of neighbouring cells will be grouped and assigned the same 'location area', the phone is then free to roam around this location area. If an incoming call needs to be connected, the network will initally send a 'paging request' to the entire location area. If say for example a location area consisted of cells A, B, C, D, E and F and the phone initially was camped on cell A, but later moved around and was currently camped on cell E, the network would send this paging request to all cells, A, B, C, D, E and F. The handset would respond to the paging request and then update the network through cell E as to its whereabouts. The only time the network will know of the phones movements, if it had remained consistantly in idle mode, would be if the phone was to move to a different location area (when the phone would then automatically update the network of its location. Or if it had remained static for a prelonged period, a timer already set by the network and given to the handset during its last location update or registration may 'time out' and initiate a location area update. The handover also ensures a continuation of the call, rather than the requirement to redial every time a new better cell site is found.
See new thread for part deux